Like many industries, critical infrastructure systems—power plants, transportation networks, hospitals, and all the systems essential to keep communities and countries running—are increasingly digitally controlled and connected. This shift brings enormous operating and business efficiencies.
It also brings enormous cyber risk.
The U.S. Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) reported that, in 2015, cybersecurity incidents involving critical infrastructure increased by 20%. And 2016 is proving to be far worse. Take the spate of ransomware attacks on health service organizations that disrupted operations for days in some cases. Or the attack on the Lansing Board of Water & Light in Michigan that has cost the utility an estimated $2 million so far.